Log In

US Govt wants mandatory data breach notification

Reveals findings of big data review.

The US White House has called on the country's Congress to pass legislation creating a national standard for telling consumers when their data has been hacked, one of six policy recommendations from a 90-day review of data and privacy.

A patchwork of state laws requiring disclosure of data breaches, such as the massive hack at retailer Target last December, but the rules vary in terms of when and how much notice must be given.

"As organisations store more information about individuals, Americans have a right to know if that information has been stolen or otherwise improperly exposed," read the report, led by John Podesta, a top advisor to President Barack Obama.

The current Coalition government is understood to support mandatory data breach notification as a concept but has not committed to a position on the proposed legislation.

Obama asked for the review as part of his response to the revelations of ex-spy contractor Edward Snowden, who leaked information about the National Security Agency's data collection programs.

The Podesta review sought to examine consumer privacy given the reams of data collected and stored from all types of communications.

"We live in a world of near-ubiquitous data collection where that data is being crunched at a speed increasingly approaching real-time," the report stated.

The 68-page review emphasised the ways big data can be used for good in medical research and other fields, but said the government and private sector need to make sure laws are updated to protect privacy.

Its key recommendations would require action by Congress, which is unlikely to advance legislation ahead of midterm elections in November.

The White House said the Commerce Department would start work on drafting a bill that would codify a "Consumer Privacy Bill of Rights" the White House initially drafted in 2012.

The report also concluded that Congress should update the Electronic Communications Privacy Act to better protect email that has been stored or left unread.

The review said agencies should look at how to apply the Privacy Act of 1974 to non-US persons, and also find ways to identify and investigate when big data is being used to discriminate against people.

All rights reserved. This material may not be published, broadcast, rewritten or redistributed in any form without prior authorisation.Your use of this website
constitutes acceptance of nextmedia's Privacy Policy and
Terms & Conditions.